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VERSION MARKED UP TO SHOW CHANGES BEING MADE 



1 29. (Twice amended) A system for controlling user access in a distributed computing 

2 environment, comprising: 

3 a global policy specifying access privileges of the user to securable components; 

4 a policy manager located on a server for managing and distributing to a client a 

5 local client policy based on the global policy [to a client], and 

6 an application guard located on the client for managing access to the securable 

7 components as specified by the local client policy; 

8 wherein the application guard further allows for additional customized code to 

9 process and evaluate authorization requests based on the additional 
10 customized code. 

1 69. (Amended) A method for maintaining security in a distributed computing 

2 environment, comprising: 

3 managing a security policy via a policy manager; and 

4 managing^ via an application guard A access to securable components as specified 

5 by the security policy; 

6 wherein the application guard further allows for additional customized code to 

7 process and evaluate authorization requests based on the additional 

8 customized code. 
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1 70. (Amended) A method for controlling user access via a system in a distributed 

2 computing environment, comprising: 

3 specifying via a global policy [access] privileges of the user [via a global policy] 

4 to access securable components; 

5 managing and distributing^ via a policy manage r, to a client, a local client policy 

6 based on the global policy [located on a server to a client], and 

7 managing^ [access] via an application guard located on the clien t, access to the 

8 securable components as specified by the local client policy; 

9 wherein the application guard further allows for additional customized code to 

10 process and evaluate authorization requests based on the additional 

1 1 customized code. 

1 71. (Amended) A method for authorization that provides for a user access to 

2 securable components of a system [for a user], comprising: 

3 specifying via a policy [access] privileges of the user [via a policy] to access the 

4 securable components; 

5 managing [access] via an application guard access to the securable components; 

6 and 

7 executing the application guard via a processor coupled to the [said] system [said 

8 application guard]; 

9 wherein the application guard further allows for additional customized code to 

10 process and evaluate authorization requests based on the additional 

1 1 customized code. 
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1 79. (Amended) A method for providing a system for controlling user access in a 

2 distributed computing environment, comprising: 

3 providing a global policy specifying [access] privileges of the user to access 

4 securable components; 

5 providing a policy manager located on a server for managing and distributing toa 

6 client a local client policy based on the global policy [to a client], and 

7 providing an application guard located on the client for managing access to the 

8 securable components as specified by the local client policy; 

9 wherein the application guard further allows for additional customized code to 

10 process and evaluate authorization requests based on the additional 

1 1 customized code. 
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